mirror of
https://github.com/refraction-networking/uquic.git
synced 2025-04-03 20:27:35 +03:00
drop Handshake keys as soon as the handshake completes (as a server)
This commit is contained in:
parent
08ec2f69fc
commit
f7fd5d2848
5 changed files with 27 additions and 0 deletions
|
@ -563,6 +563,15 @@ func (h *cryptoSetup) dropInitialKeys() {
|
|||
h.logger.Debugf("Dropping Initial keys.")
|
||||
}
|
||||
|
||||
func (h *cryptoSetup) DropHandshakeKeys() {
|
||||
h.mutex.Lock()
|
||||
h.handshakeOpener = nil
|
||||
h.handshakeSealer = nil
|
||||
h.mutex.Unlock()
|
||||
h.runner.DropKeys(protocol.EncryptionHandshake)
|
||||
h.logger.Debugf("Dropping Handshake keys.")
|
||||
}
|
||||
|
||||
func (h *cryptoSetup) GetInitialSealer() (LongHeaderSealer, error) {
|
||||
h.mutex.Lock()
|
||||
defer h.mutex.Unlock()
|
||||
|
|
|
@ -73,6 +73,7 @@ type CryptoSetup interface {
|
|||
|
||||
HandleMessage([]byte, protocol.EncryptionLevel) bool
|
||||
SetLargest1RTTAcked(protocol.PacketNumber)
|
||||
DropHandshakeKeys()
|
||||
ConnectionState() tls.ConnectionState
|
||||
|
||||
GetInitialOpener() (LongHeaderOpener, error)
|
||||
|
|
|
@ -76,6 +76,18 @@ func (mr *MockCryptoSetupMockRecorder) ConnectionState() *gomock.Call {
|
|||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ConnectionState", reflect.TypeOf((*MockCryptoSetup)(nil).ConnectionState))
|
||||
}
|
||||
|
||||
// DropHandshakeKeys mocks base method
|
||||
func (m *MockCryptoSetup) DropHandshakeKeys() {
|
||||
m.ctrl.T.Helper()
|
||||
m.ctrl.Call(m, "DropHandshakeKeys")
|
||||
}
|
||||
|
||||
// DropHandshakeKeys indicates an expected call of DropHandshakeKeys
|
||||
func (mr *MockCryptoSetupMockRecorder) DropHandshakeKeys() *gomock.Call {
|
||||
mr.mock.ctrl.T.Helper()
|
||||
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "DropHandshakeKeys", reflect.TypeOf((*MockCryptoSetup)(nil).DropHandshakeKeys))
|
||||
}
|
||||
|
||||
// Get1RTTOpener mocks base method
|
||||
func (m *MockCryptoSetup) Get1RTTOpener() (handshake.ShortHeaderOpener, error) {
|
||||
m.ctrl.T.Helper()
|
||||
|
|
|
@ -51,6 +51,7 @@ type cryptoStreamHandler interface {
|
|||
RunHandshake()
|
||||
ChangeConnectionID(protocol.ConnectionID)
|
||||
SetLargest1RTTAcked(protocol.PacketNumber)
|
||||
DropHandshakeKeys()
|
||||
io.Closer
|
||||
ConnectionState() tls.ConnectionState
|
||||
}
|
||||
|
@ -610,6 +611,7 @@ func (s *session) handleHandshakeComplete() {
|
|||
s.closeLocal(err)
|
||||
}
|
||||
s.queueControlFrame(&wire.NewTokenFrame{Token: token})
|
||||
s.cryptoStreamHandler.DropHandshakeKeys()
|
||||
s.queueControlFrame(&wire.HandshakeDoneFrame{})
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1204,6 +1204,7 @@ var _ = Describe("Session", func() {
|
|||
defer GinkgoRecover()
|
||||
<-finishHandshake
|
||||
cryptoSetup.EXPECT().RunHandshake()
|
||||
cryptoSetup.EXPECT().DropHandshakeKeys()
|
||||
close(sess.handshakeCompleteChan)
|
||||
sess.run()
|
||||
}()
|
||||
|
@ -1256,6 +1257,7 @@ var _ = Describe("Session", func() {
|
|||
go func() {
|
||||
defer GinkgoRecover()
|
||||
cryptoSetup.EXPECT().RunHandshake()
|
||||
cryptoSetup.EXPECT().DropHandshakeKeys()
|
||||
close(sess.handshakeCompleteChan)
|
||||
sess.run()
|
||||
}()
|
||||
|
@ -1506,6 +1508,7 @@ var _ = Describe("Session", func() {
|
|||
go func() {
|
||||
defer GinkgoRecover()
|
||||
cryptoSetup.EXPECT().RunHandshake().MaxTimes(1)
|
||||
cryptoSetup.EXPECT().DropHandshakeKeys().MaxTimes(1)
|
||||
close(sess.handshakeCompleteChan)
|
||||
err := sess.run()
|
||||
nerr, ok := err.(net.Error)
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue